Werewolf Sharpening Known Stealer for New Attacks
May 29, 2024, 11:29 a.m.
Description
An analysis reveals that threat actors have developed custom malware based on the open-source SapphireStealer to harvest credentials from employees of Russian companies. The operation deploys this modified stealer, tailored to target organizations within Russia, to exfiltrate authentication data from their systems.
Date
Published: May 29, 2024, 11:01 a.m.
Created: May 29, 2024, 11:01 a.m.
Modified: May 29, 2024, 11:29 a.m.
Indicators
5c01531a6b7f25b92e9a2d0d67fe7057813140d2c60dc0bb356b190aa91a5857
301d00aeae52011530370dcf32d0b68ebdcec291d94501b90a44dcc9a714e595
204bcbb030856bfbd7f4b5edad94e17e61a3d44cde88dbcf4f6a30adb786d1a6
Attack Patterns
SapphireStealer
Sapphire Werewolf
T1589
T1567
T1113
T1053
T1003
T1059
Additional Information
Russian Federation